Starting the Store server Docker container by retrieving parameters from Vault

Learn about how to start Store server Docker container by specifying CONFIGURE_MODE=Vault.

Mandatory environment variables

These are the mandatory environment variables that you must specify to configure the Store server Docker container to retrieve additional parameters from Vault.


Environment variable name	Description	Comments
TENANT	The name of the group that contains your set of environments. For example, `MyCompany`.	Container environment variable. This can be specified in the values.yaml configuration file under `common.tenant`.
ENVIRONMENT	The name of the environment. For example, `Non-production`.	Container environment variable. This can be specified in the values.yaml configuration file under `common.environmentName`.
ENVTYPE	The environment type. Accepted values are `auth` and `live`.	Container environment variable. This can be specified in the values.yaml configuration file under `common.environmentType`.
VAULT_TOKEN	The Vault token to use to connect to Vault and request certification from Vault PKI.	Container environment variable. This can be specified in the values.yaml configuration file under `common.vaultToken`.
VAULT_URL	The Vault URL to use to connect to Vault and request certification from Vault PKI.	Container environment variable. This can be specified in the values.yaml configuration file under `common.vaultUrl`.
LICENSE	The license acceptance. You must set this value to `accept` in order to acknowledge the terms of the HCL Commerce licenses.	Container environment variable. This can be specified in the vaules.yaml configuration file under `license`.
CONFIGURE_MODE	The configure mode. Accepted values are: `Vault` for Vault configuration. `EnvVariables` for environment variables configuration. Set this value to `Vault` to use Vault configuration, and the configurations present within this reference.	Container environment variable. This can be specified in the values.yaml configuration file under `common.configureMode`.

Optional environment variables

These are the optional environment variables that you can specify to configure the Store server Docker container.

All parameters that you specify as container environment variables take precedence over the values that are stored in Vault.


Environment variable name	Description	Comments
EXPOSE_METRICS	Specify if you want to enable metrics for the environment. Accepted values are: `true` for enabled. `false` for disabled. The default value is set to `true`.	Container environment variable. This can be specified in the values.yaml configuration file under `metrics.enabled`.
ELASTICSEARCH_ENABLED	Specify whether the Elasticsearch-based search solution is in use for the deployed environment. Accepted values are: `true` for the Elasticsearch-based search solution. `false` for the Solr-based search solution. The default value is `true`.	Container environment variable. This can be specified in the values.yaml under `common.searchEngine`. Note: When the value of `searchEngine` is set to `elastic`, then the ELASTICSEARCH_ENABLED environment variable is set to `true`. When the value of `searchEngine` is set to `solr`, then the ELASTICSEARCH_ENABLED environment variable is set to `false`. The default value is `elastic`.
HYSTRIX_ENABLE	Specify if you want to enable Hystrix. For more information on Hystrix, see Hystrix on the Store server. Accepted values are: `true` to enable Hystrix. `false` to leave Hystrix disabled. The default value is `false`.

Mandatory Vault configuration variables

These are the mandatory Vault key values that you must specify within Vault to configure the Store server Docker container to use the Vault configuration mode.


Vault path	Description	Reference Environment Variable
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserName` Note: This value is optional as of HCL Commerce 9.1.7.0.	The spiuser user name. If the value is not defined, then `spiuser` is used.	SPIUSER_NAME
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserPwd`	The ASCII encrypted spiuser user password. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images.	SPIUSER_PWD
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/adminSpiUserPwd`	The plain text spiuser user password. The ADMIN_SPIUSER_PWD must be the same value as SPIUSER_PWD but kept as plain text. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images.	ADMIN_SPIUSER_PWD

Optional Vault configuration variables

These are the optional Vault key values that you can specify within Vault to configure the Store server Docker container when used with the Vault configuration mode.


Vault path	Description	Reference Environment Variable
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName`	Specify the internal service domain name. If the deployed environment is on a special namespace on Kubernetes, then the domain name should be .svc.cluster.local. If no value is specified, then the default, `default.svc.cluster.local`, is used.	DOMAIN_NAME
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txHost`	The Transaction server host name. The default value is `app`.	TX_HOST
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txPort`	The Transaction server port number. The default value is `5443`.	TX_PORT
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchMasterHost` (For the authoring environment) `${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchSlaveHost` (For the live environment)	The Search server hostname. The value in Vault that you set depends on the search solution and environment type that you are configuring.	SEARCH_HOST
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchPort`	The Solr-based search solution Search server port number. The default value is `3738`.	SEARCH_PORT
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchScheme`	The Solr-based search solution Search server scheme. The default value is `https`.	SEARCH_SCHEME
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryHost`	The Search server host name for the Elasticsearch-based search solution. Specify a value if you want to set queryHost, instead of using the default value.	SEARCH_HOST
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryPort`	The Search server port number for the Elasticsearch-based search solution. Specify a value if you want to set queryPort, instead of using the default value. The default value is `30901`.	SEARCH_PORT
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryScheme`	The Search server scheme for the Elasticsearch-based search solution. Specify a value if you want to set queryScheme, instead of using the default value. The default value is `https`.	SEARCH_SCHEME
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/crs-sslport`	The secure remote store page redirect port.	SSLPort
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/crs-nonsslport`	The non-secure remote store page redirect port.	NONSSLPort
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/kafkaServers` Note: The KAFKA SERVERS, ZOOKEEPER_SERVERS (removed from 9.1.10.0), KAFKA_TOPIC_PREFIX, KAFKA_AUTHENTICATION_USERID and KAFKA_AUTHENTICATION_PASSWORD parameters must be provided together.	The Kafka server. Works with ZOOKEEPER_SERVERS if you want to configure the container for cache validation.	KAFKA_SERVERS
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/zooKeeperServers` Note: Removed from HCL Commerce and greater.	Works with KAFKA_SERVERS, if you want to configure the container for cache validation.	ZOOKEEPER_SERVERS
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaTopicPrefix`	KAFKA_TOPIC_PREFIX is used to compose the queue name for the cache invalidation.	KAFKA_TOPIC_PREFIX
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaAuthenticationUserId`	The Kafka authentication user name.	KAFKA_AUTHENTICATION_USERID
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaAuthenticationPassword`	The Kafka authentication user password.	KAFKA_AUTHENTICATION_PASSWORD
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/crs-app`	If you want to change the trace specification for the Search server, specify a value.	TRACE_SPEC
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/crs-app`	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.	HEALTH_CENTER_ENABLED
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/crs-app`	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.	THREAD_MONITOR_ENABLED
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/redisPasswordEncrypt`	The encrypted Redis password.	REDIS_PASSWORD_ENCRYPT
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/hystrixEnable`	Specify if you want to enable Hystrix. For more information on Hystrix, see Hystrix on the Store server. Accepted values are: `true` to enable Hystrix. `false` to leave Hystrix disabled. The default value is `false`.	HYSTRIX_ENABLE